abbyswag/qwen-code
1
0
Fork 0
mirror of https://github.com/QwenLM/qwen-code.git synced 2025-12-20 08:47:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize checkpoint tags (#4813)

Browse Source
This commit is contained in:
Seth Troisi
2025-07-24 16:05:13 -07:00
committed by GitHub
parent f0400912fd
commit e9ee686ab6
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/core/src/core/logger.ts
View File

@@ -238,6 +238,12 @@ export class Logger {
if (!this.geminiDir) {
throw new Error('Checkpoint file path not set.');
}
// Sanitize tag to prevent directory traversal attacks
tag = tag.replace(/[^a-zA-Z0-9-_]/g, '');
if (!tag) {
console.error('Sanitized tag is empty setting to "default".');
tag = 'default';
}
return path.join(this.geminiDir, `checkpoint-${tag}.json`);
}